Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-23 | CVE-2021-25203 | Unrestricted Upload of File with Dangerous Type vulnerability in Victor CMS Project Victor CMS 1.0 Arbitrary file upload vulnerability in Victor CMS v 1.0 allows attackers to execute arbitrary code via the file upload to \CMSsite-master\admin\includes\admin_add_post.php. | 9.8 |
| 2021-07-23 | CVE-2021-25206 | Unrestricted Upload of File with Dangerous Type vulnerability in Responsive Ordering System Project Responsive Ordering System 1.0 Arbitrary file upload vulnerability in SourceCodester Responsive Ordering System v 1.0 allows attackers to execute arbitrary code via the file upload to Product_model.php. | 9.8 |
| 2021-07-23 | CVE-2021-25208 | Unrestricted Upload of File with Dangerous Type vulnerability in Travel Management System Project Travel Management System 1.0 Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php. | 9.8 |
| 2021-07-23 | CVE-2021-25207 | Unrestricted Upload of File with Dangerous Type vulnerability in E-Commerce Website Project E-Commerce Website 1.0 Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php. | 9.8 |
| 2021-07-22 | CVE-2021-25211 | Unrestricted Upload of File with Dangerous Type vulnerability in Online Ordering System Project Online Ordering System 1.0 Arbitrary file upload vulnerability in SourceCodester Ordering System v 1.0 allows attackers to execute arbitrary code, via the file upload to ordering\admin\products\edit.php. | 9.8 |
| 2021-07-22 | CVE-2021-25210 | Unrestricted Upload of File with Dangerous Type vulnerability in Alumni Management System Project Alumni Management System 1.0 Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manage_event.php. | 9.8 |
| 2021-07-15 | CVE-2021-29699 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Verify Access 10.0.0 IBM Security Verify Access Docker 10.0.0 could allow a remote priviled user to upload arbitrary files with a dangerous file type that could be excuted by an user. | 6.8 |
| 2021-07-13 | CVE-2021-36121 | Unrestricted Upload of File with Dangerous Type vulnerability in Echobh Sharecare 8.15.5 An issue was discovered in Echo ShareCare 8.15.5. | 8.8 |
| 2021-07-09 | CVE-2021-30118 | Unrestricted Upload of File with Dangerous Type vulnerability in Kaseya VSA An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management (RMM) 9.5.4.2149 and subsequently use these files to execute asp commands The api /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload leading to RCE. | 9.8 |
| 2021-07-07 | CVE-2021-28931 | Unrestricted Upload of File with Dangerous Type vulnerability in Fork-Cms Fork CMS 5.9.2 Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel. | 8.8 |